Solved

TS Gateway and OWA on different servers requiring port 443 with 1 public IP

Posted on 2008-10-27
4
1,398 Views
Last Modified: 2012-06-27
I have a network with an SBS 2003 Server that hosts OWA and some other websites that accept port 443 traffic.

I want to trial Windows 2008 TS Gateway to allow easy remote access to terminal services. I have a new 2008 virtual server set up with just what is needed for the TS Gateway service. This install was easy, but it seems I need port 443 going to this server. How can I separate the traffic for one server from that for the other?

More on the network:  There is a single public IP address that goes through a PIX Firewall and redirects to the SBS server. The SBS server has ISA 2004 installed, but the server has been set up to team the network cards (I assume for redundancy) and so ISA pretty much functions as a web cache.
0
Comment
Question by:littlehogarth
  • 2
  • 2
4 Comments
 
LVL 58

Expert Comment

by:tigermatt
ID: 22823779

The only way in which I can foresee you being able to do this would be to use a differnet port number externally (say 445), which maps internally to port 443. This would be a change you'd have to make in the PIX Firewall configuration.

I would probably make the change so that:

-Port 445 (external) is open to port 443 (internal) - IP: SBS Server
-Port 443 (external) is open to port 443 (internal) - IP: 2k8 TS Gateway server

That's the only easy way by which this would be possible.

-tigermatt
0
 

Author Comment

by:littlehogarth
ID: 22827403
Yes thats what I thought.

As I believe the RDP client settings for TS Gateway cannot take a port value and so is locked to using 443. Could change the other web server, but have found some posts saying changing OWA can cause issues, plus the whole benefit of having only needing 443 open is lost.

My other thought was just manning up and getting an additional IP. Do you know if two IPs use the same modem?
0
 
LVL 58

Accepted Solution

by:
tigermatt earned 500 total points
ID: 22829223

You could ask your host regarding two IPs, but yes, you should be able to plug them into your firewall just fine.

-tigermatt
0
 

Author Closing Comment

by:littlehogarth
ID: 31510635
Thanks Tigermatt, I just didn't want to get a second IP if there was another simple way to manage this.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This tutorial will walk an individual through locating and launching the BEUtility application and how to execute it on the appropriate database. Log onto the server running the Backup Exec database. In a larger environment, this would generally be …
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now